Commit 0cf6a9f8 authored by unknown's avatar unknown

Merge epotemkin@bk-internal.mysql.com:/home/bk/mysql-5.0-opt

into  sunlight.local:/local_work/29908-bug-5.0-opt-mysql


sql/sql_view.cc:
  Auto merged
parents 3144809c b7142fa1
......@@ -776,15 +776,59 @@ GRANT CREATE VIEW ON db26813.v2 TO u26813@localhost;
GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost;
GRANT SELECT ON db26813.t1 TO u26813@localhost;
ALTER VIEW v1 AS SELECT f2 FROM t1;
ERROR 42000: CREATE VIEW command denied to user 'u26813'@'localhost' for table 'v1'
ERROR 42000: Access denied; you need the SUPER privilege for this operation
ALTER VIEW v2 AS SELECT f2 FROM t1;
ERROR 42000: DROP command denied to user 'u26813'@'localhost' for table 'v2'
ERROR 42000: Access denied; you need the SUPER privilege for this operation
ALTER VIEW v3 AS SELECT f2 FROM t1;
ERROR 42000: Access denied; you need the SUPER privilege for this operation
SHOW CREATE VIEW v3;
View Create View
v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f2` AS `f2` from `t1`
v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f1` AS `f1` from `t1`
DROP USER u26813@localhost;
DROP DATABASE db26813;
#
# Bug#29908: A user can gain additional access through the ALTER VIEW.
#
CREATE DATABASE mysqltest_29908;
USE mysqltest_29908;
CREATE TABLE t1(f1 INT, f2 INT);
CREATE USER u29908_1@localhost;
CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
SELECT f1 FROM t1;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
CREATE USER u29908_2@localhost;
GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
ALTER VIEW v1 AS SELECT f2 FROM t1;
ERROR 42000: Access denied; you need the SUPER privilege for this operation
ALTER VIEW v2 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v2;
View Create View
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f2` AS `f2` from `t1`
ALTER VIEW v1 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v1;
View Create View
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f2` AS `f2` from `t1`
ALTER VIEW v2 AS SELECT f1 FROM t1;
SHOW CREATE VIEW v2;
View Create View
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`
ALTER VIEW v1 AS SELECT f1 FROM t1;
SHOW CREATE VIEW v1;
View Create View
v1 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f1` AS `f1` from `t1`
ALTER VIEW v2 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v2;
View Create View
v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f2` AS `f2` from `t1`
DROP USER u29908_1@localhost;
DROP USER u29908_2@localhost;
DROP DATABASE mysqltest_29908;
#######################################################################
DROP DATABASE IF EXISTS mysqltest1;
DROP DATABASE IF EXISTS mysqltest2;
CREATE DATABASE mysqltest1;
......
......@@ -1034,10 +1034,11 @@ GRANT SELECT ON db26813.t1 TO u26813@localhost;
connect (u1,localhost,u26813,,db26813);
connection u1;
--error 1142
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v1 AS SELECT f2 FROM t1;
--error 1142
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v2 AS SELECT f2 FROM t1;
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v3 AS SELECT f2 FROM t1;
connection root;
......@@ -1047,6 +1048,50 @@ DROP USER u26813@localhost;
DROP DATABASE db26813;
disconnect u1;
--echo #
--echo # Bug#29908: A user can gain additional access through the ALTER VIEW.
--echo #
connection root;
CREATE DATABASE mysqltest_29908;
USE mysqltest_29908;
CREATE TABLE t1(f1 INT, f2 INT);
CREATE USER u29908_1@localhost;
CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
SELECT f1 FROM t1;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
CREATE USER u29908_2@localhost;
GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
connect (u2,localhost,u29908_2,,mysqltest_29908);
--error ER_SPECIFIC_ACCESS_DENIED_ERROR
ALTER VIEW v1 AS SELECT f2 FROM t1;
ALTER VIEW v2 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v2;
connect (u1,localhost,u29908_1,,mysqltest_29908);
ALTER VIEW v1 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v1;
ALTER VIEW v2 AS SELECT f1 FROM t1;
SHOW CREATE VIEW v2;
connection root;
ALTER VIEW v1 AS SELECT f1 FROM t1;
SHOW CREATE VIEW v1;
ALTER VIEW v2 AS SELECT f2 FROM t1;
SHOW CREATE VIEW v2;
DROP USER u29908_1@localhost;
DROP USER u29908_2@localhost;
DROP DATABASE mysqltest_29908;
disconnect u1;
disconnect u2;
--echo #######################################################################
#
# BUG#24040: Create View don't succed with "all privileges" on a database.
#
......
......@@ -223,9 +223,6 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
{
LEX *lex= thd->lex;
bool link_to_local;
#ifndef NO_EMBEDDED_ACCESS_CHECKS
bool definer_check_is_needed= mode != VIEW_ALTER || lex->definer;
#endif
/* first table in list is target VIEW name => cut off it */
TABLE_LIST *view= lex->unlink_first_table(&link_to_local);
TABLE_LIST *tables= lex->query_tables;
......@@ -280,7 +277,7 @@ bool mysql_create_view(THD *thd, TABLE_LIST *views,
- same as current user
- current user has SUPER_ACL
*/
if (definer_check_is_needed &&
if (lex->definer &&
(strcmp(lex->definer->user.str, thd->security_ctx->priv_user) != 0 ||
my_strcasecmp(system_charset_info,
lex->definer->host.str,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment